A system and method for encrypting all channels of a wireless spread spectrum communication at the chip level. The pn sequence is encrypted with one or more encryption sequences and then used to spread the signal.
|
21. A method for secure wireless communication using spread spectrum principles comprising:
generating at least one encryption sequence based on at least one of key and time-varying input;
combining a pn sequence with the encryption sequence to render an encrypted pn sequence; and
using the encrypted pn sequence to despread a received spread spectrum signal to render a despread signal.
42. A processor for secure wireless communication using spread spectrum principles, said processor being configured to:
generate at least one encryption sequence based on at least one of key and time-varying input;
combine a pn sequence with the encryption sequence to render an encrypted pn sequence; and
use the encrypted pn sequence to despread a received spread spectrum signal to render a despread signal.
1. A method for secure wireless communication using spread spectrum principles, comprising:
generating at least one pseudorandom number (pn) sequence;
generating at least one encryption sequence based on at least one of key and time-varying input;
combining the pn sequence with said encryption sequence to render an encrypted pn sequence; and
using the encrypted pn sequence to spread a communication signal.
35. An apparatus for secure wireless communication using spread spectrum principles comprising:
means for generating at least one encryption sequence based on at least one of key and time-varying input;
means for combining a pn sequence with the encryption sequence to render an encrypted pn sequence; and
means for using the encrypted pn sequence to despread a received spread spectrum signal to render a despread signal.
19. A processor for secure wireless communication using spread spectrum principles, said processor being configured to:
generate at least one pseudorandom number (pn) sequence;
generate at least one encryption sequence based on at least one of key and time-varying input;
combine the pn sequence with said encryption sequence to render an encrypted pn sequence; and
use the encrypted pn sequence to spread a communication signal.
20. A computer-program product for secure wireless communication using spread spectrum principles, comprising:
a computer-readable medium comprising instructions for causing a computer to:
generate at least one encryption sequence based on at least one of key and time-varying input;
combine the pn sequence with said encryption sequence to render an encrypted pn sequence; and
use the encrypted pn sequence to spread a communication signal.
7. An apparatus for secure wireless communication using spread spectrum principles, comprising:
means for generating at least one pseudorandom number (pn) sequence;
means for generating at least one encryption sequence based on at least one of key and time-varying input;
means for combining the pn sequence with said encryption sequence to render an encrypted pn sequence; and
means for using the encrypted pn sequence to spread a communication signal.
43. A computer-program product for secure wireless communication using spread spectrum principles comprising:
a computer-readable medium comprising instructions for causing a computer to:
generate at least one encryption sequence based on at least one of key and time-varying input;
combine a pn sequence with the encryption sequence to render an encrypted pn sequence; and
use the encrypted pn sequence to despread a received spread spectrum signal to render a despread signal.
28. An apparatus for secure wireless communication using spread spectrum principles comprising:
an encryption sequence generator configured to generate at least one encryption sequence based on at least one of key and time-varying input;
a pn sequence generator configured to combine a pn sequence with the encryption sequence to render an encrypted pn sequence; and
a despreader configured to use the encrypted pn sequence to despread a received spread spectrum signal to render a despread signal.
46. A base station for secure wireless communication using spread spectrum principles comprising:
an antenna;
an encryption sequence generator configured to generate at least one encryption sequence based on at least one of key and time-varying input;
a pn sequence generator configured to combine a pn sequence with the encryption sequence to render an encrypted pn sequence; and
a despreader configured to use the encrypted pn sequence to despread a spread spectrum signal received using the antenna to render a despread signal.
47. A user terminal for secure wireless communication using spread spectrum principles comprising:
an antenna;
an encryption sequence generator configured to generate at least one encryption sequence based on at least one of key and time-varying input;
a pn sequence generator configured to combine a pn sequence with the encryption sequence to render an encrypted pn sequence; and
a despreader configured to use the encrypted pn sequence to despread a spread spectrum signal received using the antenna to render a despread signal.
13. An apparatus for secure wireless communication using spread spectrum principles, comprising:
a pseudorandom number (pn) sequence generator configured to generate at least one pn sequence;
an encryption sequence generator configured to generate at least one encryption sequence based on at least one of key and time-varying input and further configured to combine the pn sequence with the encryption sequence to render an encrypted pn sequence; and
a spreader configured to use the encrypted pn sequence to spread a communication signal.
44. A base station for secure wireless communication using spread spectrum principles, comprising:
an antenna;
a pseudorandom number (pn) sequence generator configured to generate at least one pn sequence;
an encryption sequence generator configured to generate at least one encryption sequence based on at least one of key and time-varying input and further configured to combine the pn sequence with the encryption sequence to render an encrypted pn sequence; and
a spreader configured to use the encrypted pn sequence to spread a communication signal transmitted over the antenna.
45. A user terminal for secure wireless communication using spread spectrum principles, comprising:
an antenna;
a pseudorandom number (pn) sequence generator configured to generate at least one pn sequence;
an encryption sequence generator configured to generate at least one encryption sequence based on at least one of key and time-varying input and further configured to combine the pn sequence with the encryption sequence to render an encrypted pn sequence; and
a spreader configured to use the encrypted pn sequence to spread a communication signal transmitted over the antenna.
2. The method of
3. The method of
4. The method of
5. The method of
6. The method of
8. The apparatus of
9. The apparatus of
10. The apparatus of
11. The apparatus of
12. The apparatus of
14. The apparatus of
15. The apparatus of
16. The apparatus of
17. The apparatus of
18. The apparatus of
23. The method of
24. The method of
25. The method of
26. The method of
27. The method of
29. The apparatus of
a Walsh demodulator configured to receive a despread signal.
30. The apparatus of
31. The apparatus of
32. The apparatus of
33. The apparatus of
34. The apparatus of
36. The apparatus of
means for sending the despread signal to a Walsh demodulator.
37. The apparatus of
38. The apparatus of
39. The apparatus of
40. The apparatus of
41. The apparatus of
|
The U.S. Government has a paid-up license in this invention and the right in limited circumstances to require the patent owner to license others on reasonable terms as provided by the terms of Contract No. MDA904-99-9-0001 awarded by the National Security Agency (NSA).
The present invention relates generally to the encryption of wireless communication, particularly as regards to spread spectrum communication such as but not limited CDMA and CDMA-type communications.
Wireless terminals, such as but not limited to wireless telephones that communicate using Code Division Multiple Access (CDMA) spread spectrum modulation techniques, communicate over the air with system infrastructure using wireless over-the-air communication protocols, e.g., the CDMA protocols known as IS-95A, IS-95B, IS-2000, TD-SCDMA, Large Area Synchronous (LAS-CDMA), and W-CDMA. The system infrastructure, which can include base stations (BTS), base station controllers (BSC), and other components, connects the wireless terminal to another communication device, such as a land line or another wireless communication system.
To provide for secure communication using spread spectrum wireless systems, encryption principles can be used. For example, U.S. Pat. No. 5,727,064 discloses a method for secure communication that encrypts frames of communication (the data symbols, or payload) using a nonlinear scrambler. The scrambler is coupled to the output of the long code generator to remove linearity from the long code sequence produced by the long code generator. Portions of the long code sequence subsequently are combined with the main data signal that is output by the bit interleaver, thereby encrypting frames of data prior to spreading the frames in accordance with spread spectrum communication principles.
According to the '064 patent, breaking a nonlinear encryption is more difficult to do than breaking an encryption using a linear scrambler. As recognized herein, however, symbol-based encryption, even if nonlinear, remains vulnerable to eavesdropping because it is a relatively small and aligned data payload and is thus less cumbersome to break down and decrypt than a larger and non-aligned payload would be. Moreover, since the frames are encrypted in the above-mentioned patent, other system control channels, such as the synchronization and pilot channels are not encrypted. With the above considerations in mind, the present invention provides the solutions disclosed below.
A method for encrypting spread spectrum wireless communication is disclosed in which the complex-valued scrambling code, e.g., a pseudorandom number (PN) sequence that is used for spreading or scrambling the signal, is encrypted by complex multiplication with data chip sequences. Hence, the present invention essentially encrypts the entire communication, at what amounts to the chip level. As a consequence, the entire communication and not just individual frames or symbols must be broken down and analyzed by an eavesdropper to break the encryption.
Accordingly, a method for secure wireless communication using spread spectrum principles includes generating at least one pseudorandom number (PN) sequence, and encrypting the PN sequence to render an encrypted PN sequence. Using the encrypted PN sequence, a communication signal is spread and encrypted as a by-product of the spreading operation.
In a preferred, non-limiting embodiment, the communication signal is received from data modulation circuitry that may include a Walsh modulator. The PN sequence can be encrypted by combining the PN sequence with an encryption sequence (for less preferred BPSK modulation) or two encryption sequences (in the case of QPSK modulation). More encryption sequences as necessary can be used for 8-PSK modulation, QAM-16 modulation, QAM-64 modulation, and so on.
In a particularly preferred, non-limiting embodiment, the encryption sequence is generated by a DES encryption, such as triple-DES. In this exemplary embodiment, the DES encryption receives input including at least one multi-bit key and at least one time-varying input, such as but not limited to a long code state. If desired, the key periodically can be refreshed.
In another aspect, a wireless communication system includes a data modulation component that can include a channel coder that codes a communication signal for error correction to produce a coded signal, a bit interleaver for interleaving bits in the coded signal to produce an interleaved coded signal, and a Walsh modulator coupled to the bit interleaver to modulate the interleaved coded signal using a Walsh function. As set forth further below, a carrier modulator spreads the signal from the data modulation component with a pseudorandom number (PN) sequence that is encrypted with at least one encryption sequence.
In yet another aspect, a computer program product includes means for encrypting a PN sequence, and means for providing the PN sequence to a spread spectrum communication device for use thereof in spreading or despreading a communication signal.
In still another aspect, a chip for use in a communication device includes a data modulation component to produce a Walsh-modulated interleaved coded signal. A carrier modulator spreads the Walsh-modulated interleaved coded signal with a pseudorandom number (PN) sequence that is encrypted with at least one encryption sequence.
In another aspect, a chip for use in a communication device includes a PN sequence generator receiving at least one encryption sequence. The PN sequence is combined with the encryption sequence and sent to a despreading component to despread a received spread spectrum communication signal using the combined sequence to render a despread signal. Additional components demodulate, deinterleave, and decode the signal.
In another aspect, a method for secure wireless communication using spread spectrum principles includes receiving at least one encryption sequence, and using the encryption sequence to render an encrypted PN sequence. The method also includes using the encrypted PN sequence to despread a received spread spectrum signal to render a despread signal.
The details of the present invention, both as to its structure and operation, can best be understood in reference to the accompanying drawings, in which like reference numerals refer to like parts, and in which:
Referring initially to
In accordance with the present invention, the system 10 uses spread spectrum techniques. Accordingly, the mobile station 12 can use an over the air (OTA) protocol such as CDMA or WCDMA to communicate with the infrastructure 14. In one non-limiting embodiment the mobile station 12 is a mobile telephone made by Kyocera, Samsung, or other manufacturer that uses Code Division Multiple Access (CDMA) principles and CDMA over-the-air (OTA) communication air interface and includes protocols such as defined in but not limited to IS-95A, IS-95B, WCDMA, cdma-2000, IX, IXEV-DO, EV-DV, TD-SDMA, LAS-CDMA, and others to communicate with the infrastructure 14. As is known in the art, IS-95A and IS-95B are examples of spread spectrum protocols that use BPSK data modulation, whereas WCDMA, as an example, is a spread spectrum protocols that uses QPSK data modulation, i.e., split data streams with “I” and “Q” branches.
For instance, the wireless communication systems to which the present invention can apply, in amplification to those noted above, include Personal Communications Service (PCS) and the following digital systems: CDMA, WCDMA, and hybrid Time Division Multiple Access (TDMA)/CDMA technologies. A CDMA cellular system is described in the Telecommunications Industry Association/Electronic Industries Association (TIA/EIA) Standard IS-95. Other communications systems are described in the International Mobile Telecommunications System 2000/Universal Mobile Telecommunications Systems (IMT-2000/UM), standards covering what are referred to as wideband CDMA (WCDMA), cdma2000 (such as, cdma2000 1× or 3× standards, for example), TD-SCDMA, or LAS-CDMA.
The present invention applies to any spread spectrum mobile station 12; for illustration it will be assumed that the mobile station 12 is a telephone. In general, wireless communication devices to which the present invention applies may include but are not limited to a wireless handset or telephone, a cellular phone, a data transceiver, or a paging and position determination receiver, and can be hand-held, or portable as in vehicle-mounted (including cars, trucks, boats, planes, trains), as desired. However, while wireless communication devices are generally viewed as being mobile, it is to be understood that the present invention can be applied to “fixed” units in some implementations. Also, the present invention applies to data modules or modems used to transfer voice and/or data information including digitized video information, and may communicate with other devices using wired or wireless links. Further, the present invention applies to wireless, peer-to-peer communications. Moreover, commands might be used to cause modems or modules to work in a predetermined coordinated or associated manner to transfer information over multiple communication channels simultaneously. Wireless communication devices are also sometimes referred to as user terminals, mobile stations, mobile units, subscriber units, mobile radios or radiotelephones, wireless units, or simply as “users” and “mobiles” in some communication systems.
Now referring to
As shown, the chip 21 can include a data modulation component 22 that can include one or more of the following. The component 22 can include a voice coder when the chip 21 is incorporated in a mobile station for encrypting an uplink. The voice coder functions in accordance with wireless communication principles known in the art to generate a data stream representative of a speaker's voice.
The data modulation component 22 can also include a channel coder that receives the data from the voice coder or other component and codes the signal for error correction in accordance with wireless communication principles known in the art. The coded signal is sent to a bit interleaver of the data modulation component 22 which rearranges the order of the bits to reduce the effect of burst errors. From the bit interleaver, the signal can be sent to a Walsh modulator (or spreader) which Walsh-modulates the signal in accordance with wireless communication principles known in the art by multiplying the signal with a Walsh function.
The Walsh-modulated signal is then sent to a carrier spreader, e.g., a quadrature carrier spreader or binary carrier spreader 30 which spreads the signal in accordance with spread spectrum communication principles known in the art using a PN sequence. Specifically, the spreader 30 uses an encrypted PN spreading sequence from a PN sequence generator 32 to spread and encrypt the signal. As discussed further below, the PN sequence generator 32 receives from an encryption sequence generator 34 an encryption sequence (when BPSK principles are used), or two encryption sequences (when QPSK principles are used), or as appropriate more than two sequences for 8 bit, 16 bit, and QAM systems. As discussed further below, the encryption sequence generator 34 receives keys.
Once spread and encrypted, the signal is sent to an impulse modulator 36 that receives a carrier signal to modulate the signal for transmission. The signal can be shaped by a wave shaper if desired and then sent to a transmitter for transmission using an antenna 42.
In addition to the above-described transmitter portion, the chip 21 can also include a receiver portion, if desired. That is, if desired both the uplink and downlink can be encrypted, or only one side of the communication channel need be encrypted. For completeness,
Accordingly, a receiver antenna 44 is coupled to a processing/amplification component if desired in accordance with principles known in the art, and then the amplified signal is sent to an impulse demodulator 48 which receives a carrier signal for demodulation. The signal is then sent to a despreader 50 that can receive an encrypted PN sequence from the PN sequence generator 32 to despread the signal. It is to be understood that the encrypted PN sequence hypothesis for searching requires an a priori knowledge of estimated time from, e.g., GPS or other source of time information.
The signal is then processed by a data demodulation component 52 which can include a Walsh demodulator, a bit deinterleaver, and a channel decoder for respectively Walsh demodulating (or despreading) the signal, de-interleaving it, and decoding it in accordance with principles known in the art. When incorporated in a MS, the signal can be sent to a voice decoder to be transformed into an audible signal.
Having set forth the overall structure of one preferred, non-limiting chip 21, attention is now directed to
As shown, the spreader 30 can receive first and second data streams DI and DQ to produce respective first and second spread data streams using first and second encrypted PN sequences from the PN sequence generator 32. If desired, a HPSK component 53 can be interposed between the spreader 30 and PN sequence generator 32 to reduce peak to average performance. The first and second PN sequences are encrypted by combining a PN sequence with first and second encryption sequences from the encryption sequence generator 34. In one non-limiting, exemplary embodiment, the combination is effected by an XOR operation, although other methods for combining the PN sequence with an encryption sequence can be used.
A presently preferred, non-limiting encryption sequence generator 34 is illustrated in
In one illustrative, non-limiting embodiment, the inputs to the triple-DES can be any combination of select portions of a time varying input, such as but not limited to a long code state 62 with companion bits 64 if necessary, or any function thereof. Two sets of inputs such as but not limited to companion bits can be used to respectively establish the first and second encryption sequences II, IQ. Multiple sets of inputs can be used to establish the encryption sequences for a forward link II, forward link IQ, reverse link II, and reverse link IQ.
Also, secret keys 66 can be input to the triple-DES. These keys 66 can be periodically changed, i.e., refreshed, by means known in the art without service disruption, so that even if the keys 66 are decrypted by an eavesdropper (which would take considerable time, given the chip-level encryption of the present invention), by the time they are decrypted new keys 66 will have been issued, rendering the old keys worthless for further decryption by the eavesdropper. Sixty four, 128, or fewer or more parallel bits can be used as the input to the block ciphers.
In the case of decryption, the PN sequence of the PN sequence generator 32 is combined with the encryption sequences II, IQ and then used to despread the received data signal.
In other words, the logic may be embodied by a computer program that is executed by a processor within, e.g., the MS 70 as a series of computer- or control element-executable instructions. These instructions may reside, for example, in RAM or on a hard drive or optical drive, or the instructions may be stored on magnetic tape, electronic read-only memory, or other appropriate data storage device that can be dynamically changed or updated.
The logic shown in
While the particular SYSTEM AND METHOD FOR ENCRYPTING SPREAD SPECTRUM CARRIER as herein shown and described in detail is fully capable of attaining the above-described objects of the invention, it is to be understood that it is the presently preferred embodiment of the present invention and is thus representative of the subject matter which is broadly contemplated by the present invention, that the scope of the present invention fully encompasses other embodiments which may become obvious to those skilled in the art, and that the scope of the present invention is accordingly to be limited by nothing other than the appended claims, in which reference to an element in the singular is not intended to mean “one and only one” unless explicitly so stated, but rather “one or more.” All structural and functional equivalents to the elements of the above-described preferred embodiment that are known or later come to be known to those of ordinary skill in the art are expressly incorporated herein by reference and are intended to be encompassed by the present claims. Moreover, it is not necessary for a device or method to address each and every problem sought to be solved by the present invention, for it to be encompassed by the present claims. Furthermore, no element, component, or method step in the present disclosure is intended to be dedicated to the public regardless of whether the element, component, or method step is explicitly recited in the claims. No claim element herein is to be construed under the provisions of 35 U.S.C. §112, sixth paragraph, unless the element is expressly recited using the phrase “means for” or, in the case of a method claim, the element is recited as a “step” instead of an “act.”
Odenwalder, Joseph P., Agre, Daniel H., Quick, Roy Franklin, Wheatley, Charles E., Carter, Stephen S., Iraninejad, Mehraban, Jarosinski, Tad
Patent | Priority | Assignee | Title |
7526295, | Mar 16 2004 | AVAGO TECHNOLOGIES INTERNATIONAL SALES PTE LIMITED | Integration of secure identification logic into cell phone |
7761110, | May 31 2006 | Cisco Technology, Inc. | Floor control templates for use in push-to-talk applications |
8223971, | May 30 2006 | Samsung Electronics Co., Ltd | Apparatus and method for encrypting security key in mobile communication terminal |
8243895, | Dec 13 2005 | Cisco Technology, Inc. | Communication system with configurable shared line privacy feature |
8503621, | Mar 02 2006 | Cisco Technology, Inc.; Cisco Technology, Inc | Secure voice communication channel for confidential messaging |
8687785, | Nov 16 2006 | Cisco Technology, Inc; Cisco Technology, Inc. | Authorization to place calls by remote users |
8817061, | Jul 02 2007 | Cisco Technology, Inc. | Recognition of human gestures by a mobile phone |
9826336, | Jan 13 2014 | LG Electronics Inc | Method and apparatus for transmitting and receiving frame supporting short MAC header in wireless LAN system |
Patent | Priority | Assignee | Title |
5060265, | Jul 23 1990 | Motorola, Inc. | Method of protecting a linear feedback shift register (LFSR) output signal |
5727064, | Jul 03 1995 | THE CHASE MANHATTAN BANK, AS COLLATERAL AGENT | Cryptographic system for wireless communications |
5742678, | Aug 16 1994 | Ericsson, Inc. | Multiple access coding for radio communications |
5771288, | Apr 10 1992 | Ericsson, Inc | Multiple access coding for radio communications |
6044388, | May 15 1997 | RPX Corporation | Pseudorandom number generator |
6331974, | Jun 23 1997 | Regents of the University of California, The | Chaotic digital code-division multiple access (CDMA) communication systems |
6426960, | Jun 24 1997 | Qualcomm Incorporated | Increased capacity data transmission in a CDMA wireless communication system |
6452959, | May 28 1999 | DOT WIRELESS, INC ; VLSI Technology, Inc | Method of and apparatus for generating data sequences for use in communications |
6895090, | Apr 30 1999 | Texas Instruments Incorporated; Texas Instruments Inc | Pseudo-noise sequence with insertion having variant length and position |
EP752772, | |||
EP1049288, | |||
WO24139, |
Executed on | Assignor | Assignee | Conveyance | Frame | Reel | Doc |
Nov 16 2001 | Qualcomm Incorporated | (assignment on the face of the patent) | / | |||
Jan 04 2002 | JAROSINSKI, TAD | Qualcomm Incorporated | ASSIGNMENT OF ASSIGNORS INTEREST SEE DOCUMENT FOR DETAILS | 012655 | /0434 | |
Jan 04 2002 | AGRE, DANIEL H | Qualcomm Incorporated | ASSIGNMENT OF ASSIGNORS INTEREST SEE DOCUMENT FOR DETAILS | 012655 | /0434 | |
Jan 04 2002 | CARTER, STEPHEN S | Qualcomm Incorporated | ASSIGNMENT OF ASSIGNORS INTEREST SEE DOCUMENT FOR DETAILS | 012655 | /0434 | |
Jan 04 2002 | IRANINEJAD, MEHRABAN | Qualcomm Incorporated | ASSIGNMENT OF ASSIGNORS INTEREST SEE DOCUMENT FOR DETAILS | 012655 | /0434 | |
Jan 04 2002 | ODENWALDER, JOSEPH P | Qualcomm Incorporated | ASSIGNMENT OF ASSIGNORS INTEREST SEE DOCUMENT FOR DETAILS | 012655 | /0434 | |
Jan 04 2002 | QUICK, ROY FRANKLIN | Qualcomm Incorporated | ASSIGNMENT OF ASSIGNORS INTEREST SEE DOCUMENT FOR DETAILS | 012655 | /0434 | |
Jan 04 2002 | WHEATLEY, CHARLES E | Qualcomm Incorporated | ASSIGNMENT OF ASSIGNORS INTEREST SEE DOCUMENT FOR DETAILS | 012655 | /0434 |
Date | Maintenance Fee Events |
Jul 21 2011 | M1551: Payment of Maintenance Fee, 4th Year, Large Entity. |
Jul 28 2015 | M1552: Payment of Maintenance Fee, 8th Year, Large Entity. |
Oct 07 2019 | REM: Maintenance Fee Reminder Mailed. |
Mar 23 2020 | EXP: Patent Expired for Failure to Pay Maintenance Fees. |
Date | Maintenance Schedule |
Feb 19 2011 | 4 years fee payment window open |
Aug 19 2011 | 6 months grace period start (w surcharge) |
Feb 19 2012 | patent expiry (for year 4) |
Feb 19 2014 | 2 years to revive unintentionally abandoned end. (for year 4) |
Feb 19 2015 | 8 years fee payment window open |
Aug 19 2015 | 6 months grace period start (w surcharge) |
Feb 19 2016 | patent expiry (for year 8) |
Feb 19 2018 | 2 years to revive unintentionally abandoned end. (for year 8) |
Feb 19 2019 | 12 years fee payment window open |
Aug 19 2019 | 6 months grace period start (w surcharge) |
Feb 19 2020 | patent expiry (for year 12) |
Feb 19 2022 | 2 years to revive unintentionally abandoned end. (for year 12) |